Installing and using your certificate in Microsoft Outlook 2003

» Installing and using your certificate in Microsoft Outlook 2003

After installing your certificate in Internet Explorer, it will be available for use in Outlook 2003. To use your certificate in Outlook 2003, do the following:

Choose "Tools" in the Outlook menu bar

Choose "Options"

Choose the "Security" tab

To define your security settings and to specify which certificate you wish to use you need to define your default security settings. To do so you need to click the "Settings…" button. You will then see the following screen:

You can create different security settings and give these separate names. You can define the following settings:

Secure Message Format (type of e-mail)

Digital Signature Settings

Encryption Settings

Security Setting Preferences (setting defaults)

The first step is to give your setting a name, this you can choose yourself:

The "Digital Signature" settings allow you too choose the certificate you wish to use for signing your emails. If you click the "Choose…" button you will be presented by an overview of your personal certificates:

You can view each certificate by first selecting a certificate and then clicking on the ‘View Certificate…’ button. You will now have a screen which gives an overview of the certificate:

When you find the certificate you want to use select it and click "OK":

The certificate will now be added to both the "Signing Certificate" and "Encryption Certificate" box for this security setting.

However if you wish to change your Encryption Certificate, you can do so by clicking "Choose…" next to "Encryption Certificate" and following the above procedure to select your desired certificate:

Both "Signing Certificate" and "Encryption Certificate" settings section also allow you to define which type of hashing algorithm you want to use for the creation of your signatures (SHA-1, MD5 or 3DES etc).

Click "OK" to save this Security Setting.

——————————————————————-

Digitally signing your e-mail messages with Microsoft Outlook 2003

The first step to securing your e-mail messages is to sign them using your digital certificate.Open a new email window:

At the top of this window you will see two icons, the first is the signing icon and selecting this will sign your email with the chosen certificate, the second is the encrypting icon and selecting it will encrypt your email (note: you will need the public key of your recipient before you can encrypt your email).

Signing Icon

Encrypting Icon

Your digital signature enables the recipient of your message to verify that you actually sent the message and that it was not altered along the route. Signing your email will also give your recipient your public key, this will allow your recipient to send you encrypted emails in the future. When you sign your message, it does not mean that anybody can intercept or read your message. Signing a message does not affect the contents of the message in any way or protect the message from being intercepted and read by someone other than the intended recipient. To ensure that only the recipient can read a message, you must also encrypt the message. If the recipient of your signed message uses an S/MIME–enabled e-mail package, he can still read your message. In that case, your digital signature shows up as an attachment. The signed icon shows that the received message was signed.

The untrusted signature icon shows that the received message was signed by a certificate which was issued by a CA which you do not trust yet (because you have not installed its root certificate or it has been revoked). This icon looks like:

You can sign your messages each time you want to sign or you can configure your security settings (as described previously) to sign using a specific certificate.

——————————————————————-

Customizing your Microsoft Outlook 2003 to have the Signing and Encryption buttons appear on your toolbar

In some cases you may not have these icons on your email window. In order to have these appear each time you start a new email follow the following steps:

1. From your toolbar click on New message button

2. A blank email will open. In this new window, click on Tools and then Customize from the next dialog box

3. Select the Commands Tab

4. In the Categories list select Standard and scroll down to "Digitally Sign Message" and "Encrypt Message Contents.."

5. To have the Digitally Sign Message button appear on your toolbar, select it and drag it to the Toolbar holding down the mouse as shown below :

Repeat this procedure for the "Encrypt Message" button

Click on Close to finish this procedure

——————————————————————-

Encrypting / scrambling your e-mail messages with Outlook

The second step to secure your e-mail messages is to encrypt them. E-mail messages are relatively easy for other people to intercept or read. You can avoid this by encrypting your messages so that only the recipient of the message can read it. Encrypt with Outlook 98 is as easy as signing.

To encrypt your message you need to have a copy of the digital certificate of the intended recipient. When you receive a signed email, you can save the certificate of the sender in your Contacts List. You need to create an entry in the Contacts List if you want to send encrypted email to that person. You must also import his digital certificate into your Contacts List. You can also find someone’s certificate in the online directory of the certification authority (GlobalSign,…)

When you receive an e-mail, the encrypted icon indicates that the message has been encrypted. This icon appears in the lower right corner (blue padlock) of the address pane. The encryption process is done automatically. You can encrypt your messages each time you want to encrypt or you can configure your security options so that your messages will be automatically encrypted every time the digital certificate resides in your address book. When you receive an encrypted message the encrypted icon appears on the email window:

——————————————————————-

Managing correspondents’ digital certificates.

To send someone an encrypted message, you need a copy of their digital certificates in your Contacts List.

——————————————————————-

Save a digital certificate from a signed message.

When you receive a signed or encrypted message, you can save the digital certificate of that person in your Contacts List. You first need to use your right mouse button and select the senders details:

This will give you the following screen, Select "Add to Outlook Contacts":

To check the certificate has been added to your contacts details, Click the "Certificates" tab. The certificate should be listed here: Click "Save and Close" to save it in your contacts.

——————————————————————-

Importing a downloaded digital certificate.

You can search for a digital certificate in an online database such as GlobalSign’s, download the certificate and add it to your Contact details of your contact so that you can send an encrypted message to that person.To import a downloaded digital certificate in your Contacts List:

In Outlook 2003, create a new address or open an existing one in your Contacts List

Choose "Certificates"

Choose "Import"

Select the downloaded file with the digital certificate and choose ‘open’

——————————————————————-

To remove a digital certificate from your Contacts

Open the address of the person from whom you want to remove the digital certificate.

Choose "Certificates"

Select the certificate you want to remove

Click on "Remove"

Note: When you remove someone’s digital certificate you will no longer be able to send encrypted messages to that person.